package br.unipar.blog.web.servlet;

import br.unipar.blog.persistence.entity.Usuario;
import br.unipar.blog.persistence.manager.usuario.UsuarioManager;
import java.io.IOException;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;


@Controller
public class UsuarioServlet {
    
    @Autowired
    private UsuarioManager usuarioManager;

    @RequestMapping(
        method=RequestMethod.POST,
        value="/login"
    )
    public void acessar(
            @RequestParam("login") String email,
            @RequestParam("senha") String senha,
            HttpServletResponse resp)
            throws IOException {

        Usuario usuario = usuarioManager.buscar(email);

        senha = DigestUtils.md5Hex(senha);

        if (usuario != null && usuario.getSenha().equals(senha)) {
            resp.setStatus(resp.SC_OK);
            return;
        }

        resp.sendError(resp.SC_FORBIDDEN);
    }

}
